Please submit only technical tips that will help other TidBITS readers better use their Macs, iPhones, iPads, and related software and hardware. All product announcements should be sent to releases@tidbits.com.

Tip title*

Your tip*

URL

Enter the URL to a Web page that supports your tip.

Linked text

Enter the name of the page linked above.

Your name*

Your email*

* indicates required fields

To help us avoid automated posts and spam, please enter the words below.

When you submit a tip, you give us permission to use it. Read our terms for more details. All submissions are reviewed before publication.

Our terms: By submitting a tip, you agree to assign TidBITS Publishing Inc., a non-exclusive, worldwide, perpetual license to reproduce, publish, and distribute your tip in connection with the TidBITS Web site and associated products in any media. You agree that you created the content you submitted, and that you have the right to assign us this license. You give us permission to use your name, but your email address won't be publicly displayed or shared. We review all submissions before publication, and reserve the right to select which submissions we feel are appropriate for our readers and to edit those we publish.

Our terms: We reserve the right to edit or delete any comment, so please post thoughtfully. We use your email address only to send you a one-time verification message confirming that you posted this comment. We also store your address to allow you to verify using other Web browsers in the future. For more info, see our privacy policy.

Move a File in the Finder

Sometimes you want to move a file in the Finder across volumes, not copy that file. Holding down the Command key while dragging ensures that the item is copied, and then its original deleted, adding up to a move.

New York Times Web Site Compromised; How to Stay Safe

Over the weekend, numerous visitors to the New York Times Web site were greeted with pop-ups that warned about a virus and promoted antivirus software that was itself Windows-based malware - an attack technique known as "scareware." The Times has released a statement saying that the pop-ups likely came from an unauthorized advertisement. In a more detailed Gadgetwise blog post, Riva Richmond of the Times explains more of the situation and offers suggestions for what to do if you see such a pop-up.

Of course, if you're using Windows, make sure you're running antivirus software with all updates applied, and if at all possible, use a current Web browser, since older browsers have fewer protective features and may suffer from security vulnerabilities.

That said, these attacks often propagate too quickly for antivirus companies to keep up, so even a fully updated antivirus program may not be able to detect such malware and protect you from it.

Even though Macs are safe from the actual Windows malware that was the payload of this particular attack, there are Web-based attacks (including this one, from what I can tell from reader reports) that essentially take over your Web browser once activated. It's important in such situations to quit the Web browser using Mac OS X's native mechanisms (Control-click the Web browser's Dock icon and choose Quit) in order to circumvent any parts of the user interface that the attacker may have compromised (buttons within the Web browser itself may not do what you expect).

If you're using Firefox or another browser that automatically restores your session after relaunching, I recommend force-quitting the browser (Control-Option-click its Dock icon and choose Force Quit). If you're using Firefox, force-quitting puts Firefox into a recovery mode in which it asks if you want to restore your session, thus letting you avoid reloading the offending page.

In Windows, right-clicking the Web browser in the Task Bar and closing it from there should be a safe way to quit; you can also force quit by pressing Control-Alt-Delete and ending the task from the Task Manager.

If you're interested, Troy Davis has posted an analysis of how this particular attack works on his Inputs & Outputs blog. In essence, the attackers inserted an IFRAME into a third-party advertisement, and that IFRAME contained a series of redirects and a fake page that displays the pop-up with the link to the actual malware.

The important lesson to take away is that this attack relies largely on the user taking specific actions, and it's entirely possible that a future attack could target Mac users with Mac OS X-specific malware. So be cautious, and if you're presented with an extremely unusual pop-up in your Web browser, don't click its buttons, and quit immediately.

READERS LIKE YOU! Support TidBITS by becoming a member today!Check out the perks at <http://tidbits.com/member_benefits.html>Special thanks to Gordon Sande, Carlos Flores, Tom Serkowski, and
Nello Lucchesi for their generous support!